private async Task <StringValues> CreateAuthorizationCode(ITokenManager tokenManager)
{
var httpContext = new DefaultHttpContext();
httpContext.Request.QueryString = QueryString.FromUriComponent(@"?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb&scope=openid%20profile%20email%20offline_access&nonce=n-0S6_WzA2Mj&state=af0ifjsldkj");
var requestParameters = httpContext.Request.Query.ToDictionary(kvp => kvp.Key, kvp => (string[])kvp.Value);
var requestFactory = CreateAuthorizationRequestFactory();
var user = CreateUser("user");
var application = CreateApplication("s6BhdRkqt");
var queryExecutor = new QueryResponseGenerator();
// Act
var result = await requestFactory.CreateAuthorizationRequestAsync(requestParameters);
var authorization = result.Message;
var tokenContext = result.CreateTokenGeneratingContext(user, application);
await tokenManager.IssueTokensAsync(tokenContext);
return(tokenContext.AuthorizationCode.SerializedValue);
}
public async Task Spec_Code_Sample()
{
// Arrange
var httpContext = new DefaultHttpContext();
httpContext.Request.QueryString = QueryString.FromUriComponent(@"?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb&scope=openid%20profile%20email&nonce=n-0S6_WzA2Mj&state=af0ifjsldkj");
var requestParameters = httpContext.Request.Query.ToDictionary(kvp => kvp.Key, kvp => (string[])kvp.Value);
var requestFactory = CreateRequestFactory();
var tokenIssuer = GetTokenIssuer();
var user = CreateUser("user");
var application = CreateApplication("s6BhdRkqt");
var responseFactory = CreateAuthorizationResponseFactory();
var queryExecutor = new QueryResponseGenerator();
// Act
var result = await requestFactory.CreateAuthorizationRequestAsync(requestParameters);
var authorization = result.Message;
var tokenContext = result.CreateTokenGeneratingContext(user, application);
await tokenIssuer.IssueTokensAsync(tokenContext);
var response = await responseFactory.CreateAuthorizationResponseAsync(tokenContext);
queryExecutor.GenerateResponse(httpContext, response.RedirectUri, response.Message.Parameters);
// Assert
Assert.Equal(StatusCodes.Status302Found, httpContext.Response.StatusCode);
Assert.False(StringValues.IsNullOrEmpty(httpContext.Response.Headers[HeaderNames.Location]));
var uri = new Uri(httpContext.Response.Headers[HeaderNames.Location]);
Assert.False(string.IsNullOrEmpty(uri.Query));
var parameters = QueryHelpers.ParseQuery(uri.Query);
Assert.Equal(2, parameters.Count);
var idTokenKvp = Assert.Single(parameters, kvp => kvp.Key == "code");
var stateKvp = Assert.Single(parameters, kvp => kvp.Key == "state");
Assert.Equal("af0ifjsldkj", stateKvp.Value);
}
public void GenerateResponse_EncodesParameters_OnTheQuery()
{
// Arrange
var expectedLocation = "http://www.example.com/callback?state=%23%3F%26%3D&code=serializedcode";
var httpContext = new DefaultHttpContext();
var generator = new QueryResponseGenerator();
var redirectUri = "http://www.example.com/callback";
var parameters = new Dictionary <string, string[]>
{
["state"] = new[] { "#?&=" },
["code"] = new[] { "serializedcode" }
};
var response = new OpenIdConnectMessage(parameters);
response.RedirectUri = redirectUri;
// Act
generator.GenerateResponse(httpContext, response.RedirectUri, response.Parameters);
// Assert
Assert.Equal(StatusCodes.Status302Found, httpContext.Response.StatusCode);
Assert.Equal(expectedLocation, httpContext.Response.Headers[HeaderNames.Location]);
var uri = new Uri(httpContext.Response.Headers[HeaderNames.Location]);
Assert.False(string.IsNullOrEmpty(uri.Query));
var queryParameters = QueryHelpers.ParseQuery(uri.Query);
Assert.Equal(2, queryParameters.Count);
var codeKvp = Assert.Single(queryParameters, kvp => kvp.Key == "code");
Assert.Equal("serializedcode", codeKvp.Value);
var stateKvp = Assert.Single(queryParameters, kvp => kvp.Key == "state");
Assert.Equal("#?&=", stateKvp.Value);
}
